Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\360.Net CLR] 'Start' = '00000002'
- 'C:\DFёьРВіМРт.exe'
- '<SYSTEM32>\svchost.exe' -k "360.Net CLR"
- '<SYSTEM32>\notepad.exe' C:\19ku.txt
- <SYSTEM32>\2840b.dll
- C:\19ku.txt
- C:\DFёьРВіМРт.exe
- C:\DFёьРВіМРт.exe
- 'yu######gjiaolian.3322.org':800
- DNS ASK yu######gjiaolian.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'